General

  • Target: Generators PACK.rar
  • Size: 138.8MB
  • Sample: 250310-xl65qavky7
  • MD5: 7353d9ede1812ea16dd445a7e375efc1
  • SHA1: c2ac76823daf00dd486b0597478cf2a7a939cb74
  • SHA256: d6ebfb2b9703d57da07f30e128b8bebc998d291e0df3c3620dba5aa1c28f2740
  • SHA512: 79360d100ca9f00d571b3f72d3331c17223ba829e7da3f6c6079cfbaf9a9a146c002c71c56f0eac0e1ecfc12aeb16786072fae592648dbf77bec168978c9140f
  • SSDEEP: 3145728:iu2xF1ueGMYVfdMYVPhQb8M47vqXb5dhrq0AkRBduFwBgm6YGW+5O8:iLbuWYAYZ6hrqTkRBt6W+48

Malware Config

Extracted

Family: xred

C2: xred.mooo.com

Attributes
  • email: [email protected]
  • payload_url:
    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978
    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download
    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1
    http://xred.site50.net/syn/SUpdate.ini
    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download
    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1
    http://xred.site50.net/syn/Synaptics.rar
    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download
    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1
    http://xred.site50.net/syn/SSLLibrary.dll

Targets

    • Target: Generators PACK.rar (hashes as listed under General above)

    Score
    7/10
    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks